Chris Brine-Howe, chief information security officer at Arvato UK & Ireland, has spoken to Local Government News about the need for councils to get the right data protection processes in place to keep their online services secure and avoid substantial fines from forthcoming regulations.
While channel shift has clear benefits for authorities, delivering more digital services will mean having to hold more citizen information online, increasing the risk of identity theft or a data breach and the subsequent potential impact of any such occurrence. Chris argues that ensuring they can effectively safeguard the personal and financial data they hold on each citizen presents a significant challenge.
Together with the upcoming EU General Data Protection Regulation, which carries the threat of significant fines, both the government’s Data Protection Act and Payment Card Industry Data Security Standard (PCI DSS) are modified frequently, with each iteration pushing the security bar higher and making it difficult to keep pace.
Chris commented: “To fulfil the potential channel shift has to offer, councils must not only ensure they have the right security culture, security controls, risk processes and technology embedded across the authority, but that they collaborate with other organisations. Whether that’s learning from, or sharing services with other councils who have the correct risk management practices in place, or joining up with a private sector partner with the relevant expertise, authorities need to move quickly to get their processes in order.”
You can read the full article here